<%@page import="java.net.URLDecoder"%>
<%@page import="org.ilead.iserve.common.CookiesHelper"%>
<%@page import="org.ilead.iserve.model.User"%>
<%@page import="java.util.Map"%>
<%@page import="org.ilead.iserve.constants.SessionKeyConstant"%>
<%@page import="org.ilead.iserve.service.manager.UserManager"%>
<%@ page contentType="text/html; charset=UTF-8" %>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%
String msg = "";

String loginName = request.getParameter("loginName");
String password = request.getParameter("password");
String validateCode = request.getParameter("validateCode");

if(loginName != null && !"".equals(loginName))
	loginName = URLDecoder.decode(loginName, "UTF-8");
if(password != null && !"".equals(password))
	password = URLDecoder.decode(password, "UTF-8");
if(validateCode != null && !"".equals(validateCode))
	validateCode = URLDecoder.decode(validateCode, "UTF-8");

try {
	String rand = session.getAttribute(SessionKeyConstant.RAND).toString();
	boolean autoLoginFlag = "1".equals(request.getParameter("autoLoginFlag"));
	if(!(validateCode.equalsIgnoreCase(rand))){
		msg = "验证码错误";
	}else{
		User loginUser = UserManager.getInstance().login(loginName, password);
		if (null != loginUser && loginUser.getPermission() > 1) {
			UserManager.getInstance().updateSessionAndUser(request, loginUser);
			if(autoLoginFlag)
				CookiesHelper.setUserCookies(request, response, loginUser.getLoginName(), loginUser.getPassword());
			else
				CookiesHelper.clearUserCookies(request, response);
			msg = "";
		} else if(null == loginUser){
			msg = "用户名或密码错误";
		} else{
			msg = "该用户名未通过管理员审核";
		}
	}
} catch (Exception e) {
	msg = "登录出现错误";
}
response.setContentType("text/xml");
response.setHeader("Cache-Control","no-stroe");
response.setHeader("pragma","no-cache");
response.setDateHeader("Expries",0);
//当msg为空时，js报错
if("".equals(msg)){
	msg = "url:";
	Object pageObj = session.getAttribute(SessionKeyConstant.LAST_ACCESS_PAGE);
	String lastAccessPage = pageObj != null ? pageObj.toString() : "";
	if(null == lastAccessPage || "".equals(lastAccessPage)){
		msg += request.getContextPath() + "/index.jsp";
	}else{
		msg += lastAccessPage;
	}
}
response.getWriter().write("<msg>" + msg + "</msg>");
%>
